Overview Advantages of J2ME

Palmtops, Pagers and cell phones are everywhere and the variety is endless. The industry’s need for these devices to be able to run and perform almost any task that used to be done on desktops requires a standard and simple way to develop applications. The solution must suit a variety of platforms and take in care many limitations such as limited memory, small screen sizes, alternative input methods, and slow processors that being small brings with.

Recognizing that “one size doesn’t fit all”, Sun regrouped its Java technologies into three editions, each is aimed at a specific market segment:

o J2EE – Aimed at heavy duty server systems.

o J2SE – Aimed at Standard desktop & workstation applications

And Java 2 Platform Micro Edition (J2ME) – Aimed at Small & memory constrained devices and standardize the use of Java technology in wireless devices. The J2ME architecture had to be modular and scalable due to the diversity of target devices. To achieve this, J2ME provides a range of virtual machines, each optimized to the different processor types and memory footprints.

J2ME advantages include improved security and consistency of applications across platforms and devices, superior user interfaces with graphics, the ability to function off-line out of wireless coverage, peer-to-peer networking and no licensing expenses needed for the SDK, which means that anyone can create an application and market it.

J2ME vs. WAP

J2ME apps have much more to offer than those built under the Wireless Application Protocol (WAP), in terms of both features and security. Whereas WAP is a thin-client development protocol, J2ME is a development platform specifically for smart applications. J2ME applications offer the following security advantages over WAP applications:

o Without a WAP gateway in the middle, smart applications can provide scalable end-to-end security from the back end to wireless devices. This will become especially important as the back end evolves into a message-driven Web-services framework.

o Smart applications can store and process data locally, thereby reducing network traffic. Not only does this conserve precious wireless bandwidth and reduce latency, it reduces the likelihood that crucial information will be intercepted or interrupted (e.g., by denial-of-service attacks).

o Smart applications utilize device processing power efficiently. Instead of encrypting everything with the same key strength regardless of needs, rich clients can establish a comprehensive differentiating security policy based on the content.

J2ME vs. native platforms

As compared with the native platforms, the main strength of the Java platform is that it allows us to write portable applications. The Java platform’s portability stems from its execution model. Specifically, it stems from the use of the JVM to process Java bytecode into machine code at runtime, providing a compatibility layer on top of the hardware. The Java platform’s execution model also introduces some important security benefits that are lacking in device-native applications. These benefits are as follows:

o The JVM verifies all classes in class loaders and ensures that applications do not perform any dangerous operations. Because runtime class verification is computationally expensive for MIDP VMs, MIDP has a special two-step bytecode verification scheme. We’ll address this scheme in a later section.

o The JVM has a monitoring mechanism to safeguard runtime application errors. A good example is the garbage collector. The JVM can clean up application memory heaps automatically at runtime. This helps to avoid memory leaks, which are the major cause of crashes among native applications.

o The JVM can provide a security manager or sandbox for applications. Viruses and other hostile code accidentally downloaded from the Web can pose serious security risks. On the Java platform, entire applications (i.e., JAR files) can be digitally signed. The JVM security manager grants the signed application privileges to access specific APIs (domains) based on the trust level of the signer. We’ll discuss domain-based mobile code security in more detail in a later section.